[
https://issues.apache.org/jira/browse/SHINDIG-1818?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Marshall Shi updated SHINDIG-1818:
----------------------------------
Attachment: 36831.patch
Patch in attachment 36831.patch
> Ambiguous error message when gadgets are not whitelisted
> --------------------------------------------------------
>
> Key: SHINDIG-1818
> URL: https://issues.apache.org/jira/browse/SHINDIG-1818
> Project: Shindig
> Issue Type: Improvement
> Components: Java
> Affects Versions: 2.5.0-beta2
> Reporter: Marshall Shi
> Priority: Minor
> Fix For: 2.5.0-beta2
>
> Attachments: 36831.patch
>
> Original Estimate: 1h
> Remaining Estimate: 1h
>
> In Shindig when using gadget whitelisting and feature access control, there
> are two error messages:
> 1. Gadget is not whitelisted:
> 403 The requested gadget is unavailable
> 2. Gadget is requesting features that it does not have access too
> 400 The requested gadget is not authorized for this container
> The second error is perfect as it tells me that it has been rejected due to
> an authorization error AND that it may be config related (Type 400 response).
> The first error is ambiguous however, as it looks almost exactly the same as
> when the server that provides the gadget.xml is unavailable and / or rejects
> the request. Please change (1) to something like:
> 403 The requested gadget is not authorized for this container
> This will tell the user that the gadget is both not authorized and via the
> response code (403) that it is missing from the whitelist entirely.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
